Data Privacy Compliance (Series: Corporate & Regulatory Compliance Boot Camp)
Newsletter 0021309 A0550983
1. Newsletter: Data Privacy/Data Breach and Technology Law
February 13, 2009
ALERT: QUANTIFYING THE COST OF A DATA BREACH
A February 6, 2009 article in Computerworld Security quotes research done by the Ponemon Institute, a
leading privacy organization, on its Annual Cost of a Data Breach Study. This information is valuable to the
General Counsel, Chief Financial Officer, Chief Executive Officer, and Privacy Officer of any company, as
it will help him/her understand the financial pain of a data breach incident.
The article states that after analyzing 43 companies that had data breaches, the average cost for a data breach
in 2008 was $6.65M. The average per victim cost of a data breach was $202 per victim. Where the data
breach involved a third party to which the data was outsourced, the average cost was $231 per victim.
Where the data breach was a first time event, the average cost was $243 per victim, but where a data breach
had occurred before, the average cost to the company was $192 per victim.
Conclusion: Lessons learned from prior data breaches help to reduce your cost. The law firm of
DiFrancesco, Bateman, Coley, Yospin, Kunzman, Davis & Lehrer, P.C. can help set policies and protocols in
place to help reduce your costs of data breaches. Our services in this area include: creating/updating data
breach policies and protocols, including the training of key personnel; SWAT team engagement upon a data
breach to assist you with compliance with the forty-one different state data breach laws; data breach
litigation defense. For more information, please contact Todd Ruback at Truback@newjerseylaw.net or at
908-757-7800 x196..
A publication of DiFrancesco, Bateman, Coley, Yospin, Kunzman, Davis & Lehrer, P.C.,
Warren, New Jersey 07059-5686
PHONE: 908-757-7800 FAX: 908-757-8039 EMAIL:truback@newjerseylaw.net WEBSITE:
www.newjerseylaw.net
Other offices in New York, Los Angeles, Boca Raton, Philadelphia and London
The information in this newsletter is intended solely for informational
purposes.